編集

次の方法で共有


New-AzVirtualNetworkGatewayConnection

Creates the Site-to-Site VPN connection between the virtual network gateway and the on-prem VPN device.

Syntax

New-AzVirtualNetworkGatewayConnection
   -Name <String>
   -ResourceGroupName <String>
   -Location <String>
   [-AuthorizationKey <String>]
   -VirtualNetworkGateway1 <PSVirtualNetworkGateway>
   [-VirtualNetworkGateway2 <PSVirtualNetworkGateway>]
   [-LocalNetworkGateway2 <PSLocalNetworkGateway>]
   -ConnectionType <String>
   [-RoutingWeight <Int32>]
   [-DpdTimeoutInSeconds <Int32>]
   [-ConnectionMode <String>]
   [-SharedKey <String>]
   [-Peer <PSPeering>]
   [-EnableBgp <Boolean>]
   [-UseLocalAzureIpAddress]
   [-Tag <Hashtable>]
   [-Force]
   [-UsePolicyBasedTrafficSelectors <Boolean>]
   [-IpsecPolicies <PSIpsecPolicy[]>]
   [-TrafficSelectorPolicy <PSTrafficSelectorPolicy[]>]
   [-ConnectionProtocol <String>]
   [-IngressNatRule <PSResourceId[]>]
   [-EgressNatRule <PSResourceId[]>]
   [-GatewayCustomBgpIpAddress <PSGatewayCustomBgpIpConfiguration[]>]
   [-AsJob]
   [-ExpressRouteGatewayBypass]
   [-EnablePrivateLinkFastPath]
   [-DefaultProfile <IAzureContextContainer>]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]
New-AzVirtualNetworkGatewayConnection
   -Name <String>
   -ResourceGroupName <String>
   -Location <String>
   [-AuthorizationKey <String>]
   -VirtualNetworkGateway1 <PSVirtualNetworkGateway>
   [-VirtualNetworkGateway2 <PSVirtualNetworkGateway>]
   [-LocalNetworkGateway2 <PSLocalNetworkGateway>]
   -ConnectionType <String>
   [-RoutingWeight <Int32>]
   [-DpdTimeoutInSeconds <Int32>]
   [-ConnectionMode <String>]
   [-SharedKey <String>]
   [-PeerId <String>]
   [-EnableBgp <Boolean>]
   [-UseLocalAzureIpAddress]
   [-Tag <Hashtable>]
   [-Force]
   [-UsePolicyBasedTrafficSelectors <Boolean>]
   [-IpsecPolicies <PSIpsecPolicy[]>]
   [-TrafficSelectorPolicy <PSTrafficSelectorPolicy[]>]
   [-ConnectionProtocol <String>]
   [-IngressNatRule <PSResourceId[]>]
   [-EgressNatRule <PSResourceId[]>]
   [-GatewayCustomBgpIpAddress <PSGatewayCustomBgpIpConfiguration[]>]
   [-AsJob]
   [-ExpressRouteGatewayBypass]
   [-EnablePrivateLinkFastPath]
   [-DefaultProfile <IAzureContextContainer>]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]

Description

Creates the Site-to-Site VPN connection between the virtual network gateway and the on-prem VPN device.

Examples

Example 1

$vnetgw1 = Get-AzVirtualNetworkGateway -ResourceGroupName "Rg1" -Name "gw1"
$vnetgw2 = Get-AzVirtualNetworkGateway -ResourceGroupName "Rg1" -Name "gw2"
New-AzVirtualNetworkGatewayConnection -Name conn-client-1 -ResourceGroupName "Rg1" -VirtualNetworkGateway1 $vnetgw1 -VirtualNetworkGateway2 $vnetgw2 -Location "eastus" -ConnectionType Vnet2Vnet -SharedKey 'a1b2c3d4e5'

Example 2 Add/Update IngressNatRule/EgressNatRule to an existing virtual network gateway connection

$vnetgw1 = Get-AzVirtualNetworkGateway -ResourceGroupName "Rg1" -Name "vnetgw1"
$vnetgw2 = Get-AzVirtualNetworkGateway -ResourceGroupName "Rg1" -Name "vnetgw2"
$ingressnatrule = Get-AzVirtualNetworkGatewayNatRule -ResourceGroupName "Rg1" -Name "natRule1" -ParentResourceName vnetgw1
$egressnatrule = Get-AzVirtualNetworkGatewayNatRule -ResourceGroupName "Rg1" -Name "natRule2" -ParentResourceName vnetgw1
New-AzVirtualNetworkGatewayConnection -Name conn-client-1 -ResourceGroupName $RG1 -VirtualNetworkGateway1 $vnetgw1 -VirtualNetworkGateway2 $vnetgw2 -Location "eastus" -ConnectionType Vnet2Vnet -SharedKey 'a1b2c3d4e5' `
-IngressNatRule $ingressnatrule -EgressNatRule $egressnatrule

The first command gets a virtual network gateway natRule named natRule1 that's type is IngressSnat. The second command gets a virtual network gateway natRule named natRule2 that's type is EgressSnat. The third command creates this new virtual Network gateway connection with Ingress and Egress NatRules.

Example 3 Add GatewayCustomBgpIpAddress to virtual network gateway connection

$LocalnetGateway = Get-AzLocalNetworkGateway -ResourceGroupName "PS_testing" -name "testLng"
$gateway = Get-AzVirtualNetworkGateway -ResourceGroupName PS_testing -ResourceName testGw
$address = New-AzGatewayCustomBgpIpConfigurationObject -IpConfigurationId "/subscriptions/83704d68-d560-4c67-b1c7-12404db89dc3/resourceGroups/PS_testing/providers/Microsoft.Network/virtualNetworkGateways/testGw/ipConfigurations/default" -CustomBgpIpAddress "169.254.21.1"

New-AzVirtualNetworkGatewayConnection -ResourceGroupName "PS_testing" -name "Conn" -location "eastus" -VirtualNetworkGateway1 $gateway -LocalNetworkGateway2 $localnetGateway -ConnectionType IPsec -RoutingWeight 3 -SharedKey abc -GatewayCustomBgpIpAddress $address -EnableBgp $true

The two command gets a local network gateway and virtual network gateway. The thrid command creates a AzGatewayCustomBgpIpConfigurationObject. The third command creates this new virtual Network gateway connection with GatewayCustomBgpIpAddress.

Parameters

-AsJob

Run cmdlet in the background

Type:SwitchParameter
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-AuthorizationKey

AuthorizationKey.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-Confirm

Prompts you for confirmation before running the cmdlet.

Type:SwitchParameter
Aliases:cf
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-ConnectionMode

Virtual Network Gateway Connection Mode.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-ConnectionProtocol

Gateway connection protocol:IKEv1/IKEv2

Type:String
Accepted values:IKEv1, IKEv2
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-ConnectionType

Gateway connection type:IPsec/Vnet2Vnet/ExpressRoute/VPNClient

Type:String
Accepted values:IPsec, Vnet2Vnet, ExpressRoute, VPNClient
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-DefaultProfile

The credentials, account, tenant, and subscription used for communication with Azure.

Type:IAzureContextContainer
Aliases:AzContext, AzureRmContext, AzureCredential
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-DpdTimeoutInSeconds

Dead Peer Detection Timeout of the connection in seconds.

Type:Int32
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-EgressNatRule

The list of egress NAT rules that are associated with this Connection.

Type:PSResourceId[]
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-EnableBgp

Whether to establish a BGP session over a S2S VPN tunnel

Type:Boolean
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-EnablePrivateLinkFastPath

Bypass the ExpressRoute gateway when accessing private-links. ExpressRoute FastPath (ExpressRouteGatewayBypass) must be enabled.

Type:SwitchParameter
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-ExpressRouteGatewayBypass

Whether to use accelerated virtual network access by bypassing gateway

Type:SwitchParameter
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-Force

Do not ask for confirmation if you want to overwrite a resource

Type:SwitchParameter
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-GatewayCustomBgpIpAddress

The GatewayCustomBgpIpAddress of Virtual network gateway used in this connection.

Type:PSGatewayCustomBgpIpConfiguration[]
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-IngressNatRule

The list of ingress NAT rules that are associated with this Connection.

Type:PSResourceId[]
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-IpsecPolicies

A list of IPSec policies.

Type:PSIpsecPolicy[]
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-LocalNetworkGateway2

local network gateway.

Type:PSLocalNetworkGateway
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-Location

location.

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-Name

The resource name.

Type:String
Aliases:ResourceName
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-Peer

Peer

Type:PSPeering
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-PeerId

PeerId

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-ResourceGroupName

The resource group name.

Type:String
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-RoutingWeight

RoutingWeight.

Type:Int32
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-SharedKey

The Ipsec share key.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-Tag

A hashtable which represents resource tags.

Type:Hashtable
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-TrafficSelectorPolicy

A list of traffic selector policies.

Type:PSTrafficSelectorPolicy[]
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-UseLocalAzureIpAddress

Whether to use PrivateIP for this S2S VPN tunnel

Type:SwitchParameter
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-UsePolicyBasedTrafficSelectors

Whether to use policy-based traffic selectors for a S2S connection

Type:Boolean
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-VirtualNetworkGateway1

First virtual network gateway.

Type:PSVirtualNetworkGateway
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-VirtualNetworkGateway2

Second virtual network gateway.

Type:PSVirtualNetworkGateway
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Type:SwitchParameter
Aliases:wi
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

Inputs

String

PSVirtualNetworkGateway

PSLocalNetworkGateway

Int32

PSPeering

Boolean

SwitchParameter

Hashtable

PSIpsecPolicy[]

PSTrafficSelectorPolicy[]

PSGatewayCustomBgpIpConfiguration[]

Outputs

PSVirtualNetworkGatewayConnection